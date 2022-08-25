Sign In Register
5G
6G
Broadband
The Core
The Edge
Open RAN
Private Networks
The Cloud
Security
AI/Automation
Cable Tech
DOCSIS CCAP Cable Business Services 10G The Bauminator
IoT
OSS/BSS/CX
SD-WAN
Optical/IP
FTTX DCI Routing Any Haul/X-Haul
Test & Measurement
Services
4G/3G/WiFi
Satellite
Video/Media
Regions
Asia Africa Europe India Middle East
Industry Show News
MWC Resource Center Big 5G Event
Events
Optical Networking Digital SymposiumLeading Lights 2022Transforming the Cable HFC Network Breakfast Event at SCTE Cable-Tec ExpoEdge Computing Digital SymposiumConverging the HFC & 5G Networks
Events Archives
Digital Event Archives Cable Next-Gen Europe 5G Orchestration & Service Assurance Digital Symposium Big 5G Event
Microsites
5G Testing Resource Center
White Papers
Leaders In:
Leaders In Pluggable Optics Leaders In – Cloud Leaders In 5G Orchestration
Market Leader Programs
5G Transport: A 2021 Heavy Reading Survey The Journey to Cloud Native Coherent Optics at 400G, 800G, and Beyond 2021 Heavy Reading Open RAN Operator Survey
Webinars
Upcoming Webinars Archived Webinars 5G Webinars Live Learning Webinars
Light Reading Video
Telecom Innovators Showcase
Light Reading Audio
Light Reading Podcast Executive Spotlight Q&A
Communities
The 5G Exchange LR Asia Broadband World News Connecting Africa Telecoms.com Women In Comms
News & Views Events Leading Lights Awards About Us Advertise With Us Newsletter Signup
x
Newsletter Signup Sign In Register
Security

Ransomware roundup: Threats reach 1.2M per month

News Analysis Kelsey Kusterer Ziser, Editor 8/25/2022
Comment (0)

In this ransomware roundup: Barracuda Networks' researchers discover that ransomware threats amount to over 1.2 million each month and 14% of attacks target service providers. In addition, over 80% of ransomware attacks exploit common configuration errors in software and devices, according to Microsoft.

Ransomware threats hit 1.2 million per month

Researchers identified a spike in the number of service providers targeted by ransomware attacks, according to a recent report by Barracuda Networks. In addition, they found that the volume of ransomware attacks jumped between January and June of this year to over 1.2 million each month.

Ransomware is distributed via malicious software that's often delivered in an email attachment or link. Once bad actors gain access to an organization's data, they won't release it until the ransom is paid. In recent years, hackers have added an exploitative threat to publicize the hijacked data.

Barracuda's researchers reviewed 106 highly publicized ransomware attacks over the past 12 months – between August 2021 and July 2022 – and identified the industries most targeted by ransomware to be education (15%), municipalities (12%), healthcare (12%), infrastructure (8%) and financial (6%). Service providers were hit by 14% of ransomware attacks.

Over this time period, ransomware attacks on educational institutions more than doubled, and attacks on the healthcare and financial verticals tripled.

"Many cybercriminals target small businesses in an attempt to gain access to larger organizations," said Fleming Shi, CTO for Barracuda, in a statement. In response, he said, security providers should create products that are easy to deploy, regardless of the size of a company.

"Additionally, sophisticated security technologies should be available as services, so that businesses of all sizes can protect themselves against these ever-changing threats," Shi said. "By making security solutions more accessible and user-friendly, the entire industry can help to better defend against ransomware and other cyberattacks."

Most ransomware attacks exploit configuration errors

The majority of ransomware attacks – over 80% – exploit common configuration errors in software and devices, according to Microsoft's recent Cyber Signals report.

Configuration errors could be leaving applications in their default state, leaving security tools untested or misconfigured, and providing unauthorized users easy access to cloud applications by the way they're initially setup within an organization, reported ZDNet.

Microsoft's report explains how ransomware has become more prolific as bad actors simplify deployment of these types of cybersecurity threats in the form of "ransomware-as-a-service (RaaS)."

"The specialization and consolidation of the cybercrime economy has fueled ransomware-as-a-service (RaaS) to become a dominant business model, enabling a wider range of criminals, regardless of their technical expertise, to deploy ransomware," according to the report.

RaaS lowers the barrier to entry and conceals the identity of hackers behind the threat as well.

Bad actors are also moving quickly – the average time for an attacker to start moving laterally within an organization's network if a device is compromised is one hour, 42 minutes.

Authors of the Cyber Signals report recommend developing credential hygiene, which is network segmentation based on privileges to reduce the chance of bad actors moving laterally through an organization.

The report also suggests auditing credential exposure, reducing the attack surface within an organization, securing cloud resources, preventing initial access and ensuring security services are running in "optimum configuration."

Related posts:

— Kelsey Kusterer Ziser, Senior Editor, Light Reading

COMMENTS
Newest First | Oldest First | Threaded View
Add Comment
Be the first to post a comment regarding this story.
EDUCATIONAL RESOURCES
sponsor supplied content
5G Expanded Services: Blessing, Threat Or Both?--Guyer Group WP on 5G security
See Why 5G Networks Need Embedded Security
Modern DDoS Mitigation Strategies for Service Providers: Adapt to Today’s Threat Landscape
Watch: How Service Providers Can Collaborate Against DDoS Attacks
Traffic Visibility: The Fast Path to SASE Success
NEW Infographic! Get the key service provider findings from our 2H 2020 Threat Report
Whitepaper: Learn how to detect and intelligently orchestrate mitigations for all types of DDoS attacks!
Security for the Telco Cloud
The Future of Deep Packet Inspection: Top Challenges Facing Telecom, Networking & Security Solution Vendors
E2E Autonomic Security Management and Control for 5G Networks
Educational Resources Archive
FEATURED VIDEO
UPCOMING LIVE EVENTS
Optical Networking Digital Symposium
September 13-15, 2022, Digital Symposium
Leading Lights 2022
September 13, 2022,
Edge Computing Digital Symposium
September 20-22, 2022, Digital Symposium
Transforming the Cable HFC Network Breakfast Event at SCTE Cable-Tec Expo
September 20, 2022, Breakfast Event
Converging the HFC & 5G Networks
September 21, 2022, Breakfast Event
The Programmable Telco Digital Symposium
October 4-6, 2022, Two Day Digital Symposium
Open RAN Digital Symposium
October 18-20, 2022, Digital Symposium
All Upcoming Live Events
UPCOMING WEBINARS
August 30, 2022 Enable sustainable business growth with Cloud Metro
August 31, 2022 Taking your subscribers to gigabit and beyond
September 6, 2022 4.9G and 5G Private Wireless Networks Accelerating Digital Transformation Across Industries
September 7, 2022 400G Transmission: Where and How to deploy it?
September 7, 2022 IoT opportunities demand better partner enablement in BSS
September 8, 2022 Unified orchestration and assurance power intent-driven networking in the 5G-era
September 8, 2022 Setting up for success with BEAD funding
September 9, 2022 Light Up Your Smart Life: Practices and Prospects for Android TV
September 13, 2022 Delivering Coherent Pluggable Optics from Edge to Metro and Beyond
September 15, 2022 SCTE® LiveLearning for Professionals Webinar™ Series: Edge Computing: The Next Frontier
September 20, 2022 Edge Digital Symposium, Day 1
September 21, 2022 High Performance Broadband Aggregation at the Edge
Webinar Archive
PARTNER PERSPECTIVES - content from our sponsors
42% of Internet Traffic is from Bots – What is Your Cybersecurity Gameplan? By Vinugayathri Chinnasamy, Senior Content Writer, Indusface
42% of Internet Traffic is from Bots – What is Your Cybersecurity Gameplan? By Indusface
Why a RAN automation platform sets the best foundation for sustainability applications By Peo Lehto, Head of Solution Area OSS, BCSS, Ericsson
5G-Advanced Accelerates Towards a Digital, Intelligent Future By C114
Cooperation Drives the Broadband Vision By Kerry Doyle
All Partner Perspectives
GUEST PERSPECTIVES - curated contributions
Walmart/Paramount+ and embracing the bundle amid streaming's slowdown By Raman Abrol, CEO, Vubiquity and GM, Amdocs
AT&T fiber: On track to cover more than 30M locations by the end of 2025 By Chris Sambar, EVP, AT&T Network
All Guest Perspectives
HOME
Sign In
SEARCH
CLOSE
MORE
CLOSE